pi-lens 2.2.9 → 3.0.0

package/clients/rust-client.ts

@@ -10,6 +10,7 @@
 import { spawnSync } from "node:child_process";
 import * as fs from "node:fs";
 import * as path from "node:path";
+import { safeSpawn } from "./safe-spawn.js";
 
 // --- Types ---
 
@@ -85,10 +86,8 @@ export class RustClient {
 						return p;
 					}
 				} else {
-					const result = spawnSync(p, ["--version"], {
-						encoding: "utf-8",
+					const result = safeSpawn(p, ["--version"], {
 						timeout: 3000,
-						shell: true,
 					});
 					if (!result.error && result.status === 0) {
 						this.cargoPath = p;
@@ -133,15 +132,12 @@ export class RustClient {
 		if (!fs.existsSync(absolutePath)) return [];
 
 		try {
-			const cargoCmd = cargoExe.includes(" ") ? `"${cargoExe}"` : cargoExe;
-			const result = spawnSync(
-				cargoCmd,
+			const result = safeSpawn(
+				cargoExe,
 				["check", "--message-format", "json"],
 				{
-					encoding: "utf-8",
 					timeout: 60000,
 					cwd,
-					shell: true,
 				},
 			);
 
@@ -160,14 +156,12 @@ export class RustClient {
 		if (!this.isAvailable()) return [];
 
 		try {
-			const result = spawnSync(
+			const result = safeSpawn(
 				"cargo",
 				["clippy", "--message-format", "json"],
 				{
-					encoding: "utf-8",
 					timeout: 60000,
 					cwd,
-					shell: true,
 				},
 			);
 

package/clients/safe-spawn.js

@@ -0,0 +1,96 @@
+/**
+ * Safe cross-platform spawn utilities
+ *
+ * Wraps child_process.spawnSync to handle Windows execution safely
+ * without triggering deprecation warnings.
+ *
+ * Strategy:
+ * - Unix: Use shell: false with normal args
+ * - Windows: Manually construct command string to avoid deprecation warning,
+ *   then use shell: true with no args array
+ */
+import { spawnSync } from "node:child_process";
+/**
+ * Escape an argument for Windows shell execution.
+ * Handles spaces, quotes, $variables, and special characters.
+ */
+function escapeWindowsArg(arg) {
+    // Check if this looks like an ast-grep pattern with meta-variables ($NAME)
+    // In Git Bash/MSYS2 on Windows, $VAR gets expanded by the shell
+    // We need to use single quotes to prevent expansion
+    if (arg.includes("$")) {
+        // Use single quotes for arguments with $variables
+        // Escape single quotes within the argument
+        return `'${arg.replace(/'/g, "'\\''")}'`;
+    }
+    // If no special characters, return as-is
+    if (!/[\s\"]/.test(arg))
+        return arg;
+    // Escape quotes by doubling them
+    return `"${arg.replace(/"/g, "\"\"")}"`;
+}
+/**
+ * Construct a command string for Windows shell execution.
+ * This avoids the deprecation warning by not passing an args array.
+ */
+function buildWindowsCommand(command, args) {
+    const escapedArgs = args.map(escapeWindowsArg).join(" ");
+    return `${command} ${escapedArgs}`;
+}
+/**
+ * Safely spawn a process cross-platform without shell deprecation warnings.
+ *
+ * On Windows: Uses shell: true but constructs the command string manually
+ * to avoid the deprecation warning about unescaped args.
+ * On Unix: Uses shell: false for normal execution.
+ */
+export function safeSpawn(command, args, options) {
+    if (process.platform === "win32") {
+        // On Windows, construct the full command string and use shell: true
+        // without an args array. This avoids the deprecation warning.
+        const fullCommand = buildWindowsCommand(command, args);
+        const result = spawnSync(fullCommand, {
+            ...options,
+            encoding: "utf-8",
+            shell: true,
+            windowsHide: true,
+        });
+        return {
+            stdout: result.stdout?.toString() || "",
+            stderr: result.stderr?.toString() || "",
+            status: result.status,
+            error: result.error,
+        };
+    }
+    // On Unix, use shell: false (the default) with normal args
+    const result = spawnSync(command, args, {
+        ...options,
+        encoding: "utf-8",
+        shell: false,
+        windowsHide: true,
+    });
+    return {
+        stdout: result.stdout?.toString() || "",
+        stderr: result.stderr?.toString() || "",
+        status: result.status,
+        error: result.error,
+    };
+}
+/**
+ * Check if a command is available in PATH
+ */
+export function isCommandAvailable(command) {
+    const result = safeSpawn(process.platform === "win32" ? "where" : "which", [command], { timeout: 5000 });
+    return result.status === 0;
+}
+/**
+ * Find the full path to a command (npx, node, etc.)
+ */
+export function findCommand(command) {
+    const finder = process.platform === "win32" ? "where" : "which";
+    const result = safeSpawn(finder, [command], { timeout: 5000 });
+    if (result.status !== 0)
+        return null;
+    // Take first line (first match)
+    return result.stdout.trim().split("\n")[0] || null;
+}

package/clients/safe-spawn.ts

@@ -0,0 +1,128 @@
+/**
+ * Safe cross-platform spawn utilities
+ *
+ * Wraps child_process.spawnSync to handle Windows execution safely
+ * without triggering deprecation warnings.
+ *
+ * Strategy:
+ * - Unix: Use shell: false with normal args
+ * - Windows: Manually construct command string to avoid deprecation warning,
+ *   then use shell: true with no args array
+ */
+
+import { spawnSync, type SpawnOptions } from "node:child_process";
+
+export interface SpawnResult {
+	stdout: string;
+	stderr: string;
+	status: number | null;
+	error?: Error;
+}
+
+export interface SafeSpawnOptions {
+	timeout?: number;
+	cwd?: string;
+	env?: NodeJS.ProcessEnv;
+}
+
+/**
+ * Escape an argument for Windows shell execution.
+ * Handles spaces, quotes, $variables, and special characters.
+ */
+function escapeWindowsArg(arg: string): string {
+	// Check if this looks like an ast-grep pattern with meta-variables ($NAME)
+	// In Git Bash/MSYS2 on Windows, $VAR gets expanded by the shell
+	// We need to use single quotes to prevent expansion
+	if (arg.includes("$")) {
+		// Use single quotes for arguments with $variables
+		// Escape single quotes within the argument
+		return `'${arg.replace(/'/g, "'\\''")}'`;
+	}
+
+	// If no special characters, return as-is
+	if (!/[\s\"]/.test(arg)) return arg;
+
+	// Escape quotes by doubling them
+	return `"${arg.replace(/"/g, "\"\"")}"`;
+}
+
+/**
+ * Construct a command string for Windows shell execution.
+ * This avoids the deprecation warning by not passing an args array.
+ */
+function buildWindowsCommand(command: string, args: string[]): string {
+	const escapedArgs = args.map(escapeWindowsArg).join(" ");
+	return `${command} ${escapedArgs}`;
+}
+
+/**
+ * Safely spawn a process cross-platform without shell deprecation warnings.
+ *
+ * On Windows: Uses shell: true but constructs the command string manually
+ * to avoid the deprecation warning about unescaped args.
+ * On Unix: Uses shell: false for normal execution.
+ */
+export function safeSpawn(
+	command: string,
+	args: string[],
+	options?: SafeSpawnOptions,
+): SpawnResult {
+	if (process.platform === "win32") {
+		// On Windows, construct the full command string and use shell: true
+		// without an args array. This avoids the deprecation warning.
+		const fullCommand = buildWindowsCommand(command, args);
+		const result = spawnSync(fullCommand, {
+			...(options as SpawnOptions),
+			encoding: "utf-8",
+			shell: true,
+			windowsHide: true,
+		});
+
+		return {
+			stdout: result.stdout?.toString() || "",
+			stderr: result.stderr?.toString() || "",
+			status: result.status,
+			error: result.error,
+		};
+	}
+
+	// On Unix, use shell: false (the default) with normal args
+	const result = spawnSync(command, args, {
+		...(options as SpawnOptions),
+		encoding: "utf-8",
+		shell: false,
+		windowsHide: true,
+	});
+
+	return {
+		stdout: result.stdout?.toString() || "",
+		stderr: result.stderr?.toString() || "",
+		status: result.status,
+		error: result.error,
+	};
+}
+
+/**
+ * Check if a command is available in PATH
+ */
+export function isCommandAvailable(command: string): boolean {
+	const result = safeSpawn(
+		process.platform === "win32" ? "where" : "which",
+		[command],
+		{ timeout: 5000 },
+	);
+	return result.status === 0;
+}
+
+/**
+ * Find the full path to a command (npx, node, etc.)
+ */
+export function findCommand(command: string): string | null {
+	const finder = process.platform === "win32" ? "where" : "which";
+	const result = safeSpawn(finder, [command], { timeout: 5000 });
+
+	if (result.status !== 0) return null;
+
+	// Take first line (first match)
+	return result.stdout.trim().split("\n")[0] || null;
+}

package/clients/scan-architectural-debt.js

@@ -1,10 +1,10 @@
 /**
- * Shared architectural debt scanning — used by booboo-fix and booboo-refactor.
+ * Shared architectural debt scanning.
  * Scans ast-grep skip rules + complexity metrics + architect.yaml rules.
  */
-import { spawnSync } from "node:child_process";
 import * as fs from "node:fs";
 import * as path from "node:path";
+import { safeSpawn } from "./safe-spawn.js";
 import { getSourceFiles, parseAstGrepJson } from "./scan-utils.js";
 /**
  * Scan for skip-category ast-grep violations grouped by absolute file path.
@@ -13,7 +13,7 @@ export function scanSkipViolations(astGrepClient, configPath, targetPath, isTsPr
     const skipByFile = new Map();
     if (!astGrepClient.isAvailable())
         return skipByFile;
-    const sgResult = spawnSync("npx", [
+    const sgResult = safeSpawn("npx", [
         "sg",
         "scan",
         "--config",
@@ -30,10 +30,7 @@ export function scanSkipViolations(astGrepClient, configPath, targetPath, isTsPr
         ...(isTsProject ? ["--globs", "!**/*.js"] : []),
         targetPath,
     ], {
-        encoding: "utf-8",
         timeout: 30000,
-        shell: true,
-        maxBuffer: 32 * 1024 * 1024,
     });
     const items = parseAstGrepJson(sgResult.stdout?.trim() ?? "");
     for (const item of items) {

package/clients/scan-architectural-debt.ts

@@ -1,14 +1,14 @@
 /**
- * Shared architectural debt scanning — used by booboo-fix and booboo-refactor.
+ * Shared architectural debt scanning.
  * Scans ast-grep skip rules + complexity metrics + architect.yaml rules.
  */
 
-import { spawnSync } from "node:child_process";
 import * as fs from "node:fs";
 import * as path from "node:path";
 import type { ArchitectClient } from "./architect-client.js";
 import type { AstGrepClient } from "./ast-grep-client.js";
 import type { ComplexityClient } from "./complexity-client.js";
+import { safeSpawn } from "./safe-spawn.js";
 import { getSourceFiles, parseAstGrepJson } from "./scan-utils.js";
 
 export type SkipIssue = { rule: string; line: number; note: string };
@@ -28,7 +28,7 @@ export function scanSkipViolations(
 	const skipByFile = new Map<string, SkipIssue[]>();
 	if (!astGrepClient.isAvailable()) return skipByFile;
 
-	const sgResult = spawnSync(
+	const sgResult = safeSpawn(
 		"npx",
 		[
 			"sg",
@@ -48,10 +48,7 @@ export function scanSkipViolations(
 			targetPath,
 		],
 		{
-			encoding: "utf-8",
 			timeout: 30000,
-			shell: true,
-			maxBuffer: 32 * 1024 * 1024,
 		},
 	);
 

package/clients/scan-utils.js

@@ -1,5 +1,6 @@
 import * as fs from "node:fs";
 import * as path from "node:path";
+import { EXCLUDED_DIRS, isTestFile } from "./file-utils.js";
 /**
  * Common parsing logic for ast-grep JSON output (handles both array and NDJSON).
  */
@@ -30,7 +31,7 @@ export function parseAstGrepJson(raw) {
  */
 export function shouldIgnoreFile(filePath, isTsProject) {
     const relPath = filePath.replace(/\\/g, "/");
-    const basename = path.basename(relPath);
+    const _basename = path.basename(relPath);
     // Ignore compiled JS in TS projects
     const isJs = relPath.endsWith(".js") ||
         relPath.endsWith(".mjs") ||
@@ -38,20 +39,11 @@ export function shouldIgnoreFile(filePath, isTsProject) {
     if (isTsProject && isJs)
         return true;
     // Ignore test scripts and common test patterns
-    if (basename.startsWith("test-") ||
-        basename.includes(".test.") ||
-        basename.includes(".spec.")) {
+    if (isTestFile(filePath))
         return true;
-    }
     // Ignore hidden directories and common build outputs
-    if (relPath.includes("/node_modules/") ||
-        relPath.includes("/.git/") ||
-        relPath.includes("/dist/") ||
-        relPath.includes("/build/") ||
-        relPath.includes("/.next/") ||
-        relPath.includes("/.pi-lens/")) {
+    if (EXCLUDED_DIRS.some((d) => relPath.includes(`/${d}/`)))
         return true;
-    }
     return false;
 }
 /**
@@ -72,14 +64,7 @@ export function getSourceFiles(dir, isTsProject) {
         for (const entry of entries) {
             const full = path.join(d, entry.name);
             if (entry.isDirectory()) {
-                if ([
-                    "node_modules",
-                    ".git",
-                    "dist",
-                    "build",
-                    ".next",
-                    ".pi-lens",
-                ].includes(entry.name))
+                if (EXCLUDED_DIRS.includes(entry.name))
                     continue;
                 scan(full);
             }

package/clients/scan-utils.ts

@@ -1,5 +1,6 @@
 import * as fs from "node:fs";
 import * as path from "node:path";
+import { EXCLUDED_DIRS, isTestFile } from "./file-utils.js";
 
 /**
  * Common parsing logic for ast-grep JSON output (handles both array and NDJSON).
@@ -32,7 +33,7 @@ export function shouldIgnoreFile(
 	isTsProject: boolean,
 ): boolean {
 	const relPath = filePath.replace(/\\/g, "/");
-	const basename = path.basename(relPath);
+	const _basename = path.basename(relPath);
 
 	// Ignore compiled JS in TS projects
 	const isJs =
@@ -42,25 +43,10 @@ export function shouldIgnoreFile(
 	if (isTsProject && isJs) return true;
 
 	// Ignore test scripts and common test patterns
-	if (
-		basename.startsWith("test-") ||
-		basename.includes(".test.") ||
-		basename.includes(".spec.")
-	) {
-		return true;
-	}
+	if (isTestFile(filePath)) return true;
 
 	// Ignore hidden directories and common build outputs
-	if (
-		relPath.includes("/node_modules/") ||
-		relPath.includes("/.git/") ||
-		relPath.includes("/dist/") ||
-		relPath.includes("/build/") ||
-		relPath.includes("/.next/") ||
-		relPath.includes("/.pi-lens/")
-	) {
-		return true;
-	}
+	if (EXCLUDED_DIRS.some((d) => relPath.includes(`/${d}/`))) return true;
 
 	return false;
 }
@@ -83,17 +69,7 @@ export function getSourceFiles(dir: string, isTsProject: boolean): string[] {
 		for (const entry of entries) {
 			const full = path.join(d, entry.name);
 			if (entry.isDirectory()) {
-				if (
-					[
-						"node_modules",
-						".git",
-						"dist",
-						"build",
-						".next",
-						".pi-lens",
-					].includes(entry.name)
-				)
-					continue;
+				if (EXCLUDED_DIRS.includes(entry.name)) continue;
 				scan(full);
 			} else if (/\.(ts|tsx|js|jsx|py|go|rs)$/.test(entry.name)) {
 				// Skip compiled JS if it's a TS project

package/clients/secrets-scanner.js

@@ -12,6 +12,7 @@
  * - Private keys (BEGIN PRIVATE KEY)
  * - Generic API key/password patterns
  */
+import { isTestFile } from "./file-utils.js";
 // Patterns ordered by specificity - first match wins per line
 const SECRET_PATTERNS = [
     // High-confidence: specific key prefixes
@@ -68,21 +69,6 @@ const SECRET_PATTERNS = [
         message: "Possible secret in .env format",
     },
 ];
-/**
- * Check if file path is a test file (should skip secrets scan)
- */
-function isTestFile(filePath) {
-    const normalized = filePath.replace(/\\/g, "/");
-    return (normalized.includes(".test.") ||
-        normalized.includes(".spec.") ||
-        normalized.includes("/test/") ||
-        normalized.includes("/tests/") ||
-        normalized.includes("__tests__/") ||
-        normalized.includes("test-utils") ||
-        normalized.startsWith("test-") ||
-        normalized.includes(".fixture.") ||
-        normalized.includes(".mock."));
-}
 /**
  * Scan content for potential secrets
  * Returns findings with line numbers.
@@ -97,7 +83,7 @@ export function scanForSecrets(content, filePath) {
     const lines = content.split("\n");
     for (let i = 0; i < lines.length; i++) {
         const line = lines[i];
-        let matched = false;
+        let _matched = false;
         for (const pattern of SECRET_PATTERNS) {
             // Reset lastIndex before each test (important for global regex)
             const regex = new RegExp(pattern.pattern.source, pattern.pattern.flags);
@@ -106,7 +92,7 @@ export function scanForSecrets(content, filePath) {
                     line: i + 1,
                     message: pattern.message,
                 });
-                matched = true;
+                _matched = true;
                 break; // One finding per line
             }
         }

package/clients/secrets-scanner.ts

@@ -13,6 +13,8 @@
  * - Generic API key/password patterns
  */
 
+import { isTestFile } from "./file-utils.js";
+
 interface SecretPattern {
 	pattern: RegExp;
 	name: string;
@@ -83,24 +85,6 @@ export interface SecretFinding {
 	message: string;
 }
 
-/**
- * Check if file path is a test file (should skip secrets scan)
- */
-function isTestFile(filePath: string): boolean {
-	const normalized = filePath.replace(/\\/g, "/");
-	return (
-		normalized.includes(".test.") ||
-		normalized.includes(".spec.") ||
-		normalized.includes("/test/") ||
-		normalized.includes("/tests/") ||
-		normalized.includes("__tests__/") ||
-		normalized.includes("test-utils") ||
-		normalized.startsWith("test-") ||
-		normalized.includes(".fixture.") ||
-		normalized.includes(".mock.")
-	);
-}
-
 /**
  * Scan content for potential secrets
  * Returns findings with line numbers.
@@ -120,7 +104,7 @@ export function scanForSecrets(
 
 	for (let i = 0; i < lines.length; i++) {
 		const line = lines[i];
-		let matched = false;
+		let _matched = false;
 		for (const pattern of SECRET_PATTERNS) {
 			// Reset lastIndex before each test (important for global regex)
 			const regex = new RegExp(pattern.pattern.source, pattern.pattern.flags);
@@ -129,7 +113,7 @@ export function scanForSecrets(
 					line: i + 1,
 					message: pattern.message,
 				});
-				matched = true;
+				_matched = true;
 				break; // One finding per line
 			}
 		}

package/clients/services/__tests__/effect-integration.test.js

@@ -0,0 +1,86 @@
+/**
+ * Effect Integration Tests
+ *
+ * Tests for Effect-TS concurrent runner execution.
+ */
+import { beforeEach, describe, expect, it, vi } from "vitest";
+import { clearRunnerRegistry, listRunners, registerRunner, } from "../../dispatch/dispatcher.js";
+import { dispatchLintWithEffect, dispatchWithEffect, } from "../effect-integration.js";
+describe("Effect Integration", () => {
+    beforeEach(async () => {
+        clearRunnerRegistry();
+        // Register a simple test runner
+        const testRunner = {
+            id: "test-runner",
+            appliesTo: ["jsts"],
+            priority: 10,
+            enabledByDefault: true,
+            async run(ctx) {
+                return {
+                    status: "succeeded",
+                    diagnostics: [{
+                            id: "test:1",
+                            message: "Test diagnostic",
+                            filePath: ctx.filePath,
+                            severity: "info",
+                            semantic: "silent",
+                            tool: "test-runner",
+                        }],
+                    semantic: "none",
+                };
+            },
+        };
+        registerRunner(testRunner);
+    });
+    it("should have runners registered", () => {
+        const runners = listRunners();
+        expect(runners.length).toBeGreaterThan(0);
+        expect(runners.some(r => r.id === "test-runner")).toBe(true);
+    });
+    it("should run effect integration with real runners", async () => {
+        const ctx = {
+            filePath: "test.ts",
+            cwd: "/test",
+            kind: "jsts",
+            pi: {
+                getFlag: vi.fn(() => false),
+            },
+            autofix: true,
+            deltaMode: false,
+            baselines: new Map(),
+            hasTool: vi.fn(() => Promise.resolve(false)),
+            log: vi.fn(),
+        };
+        // Get actual runners for jsts
+        const { getRunnersForKind } = await import("../../dispatch/dispatcher.js");
+        const runners = getRunnersForKind("jsts");
+        const group = {
+            runnerIds: runners.slice(0, 2).map(r => r.id), // Use first 2 runners
+            mode: "all",
+        };
+        const result = await dispatchWithEffect(ctx, [group]);
+        // Just verify it doesn't crash and returns valid result
+        expect(result).toBeDefined();
+        expect(typeof result.durationMs).toBe("number");
+    });
+    it("should handle --lens-effect flag path", async () => {
+        const mockPi = {
+            getFlag: vi.fn((flag) => flag === "lens-effect"),
+            readFile: vi.fn(),
+            writeFile: vi.fn(),
+            editFile: vi.fn(),
+            bash: vi.fn(),
+            ui: {
+                notify: vi.fn(),
+                progress: vi.fn(),
+                prompt: vi.fn(),
+            },
+            llm: {
+                stream: vi.fn(),
+                createMessage: vi.fn(),
+            },
+        };
+        const output = await dispatchLintWithEffect("test.ts", "/test", mockPi);
+        expect(typeof output).toBe("string");
+    });
+});